Bertie Ahern (Dublin Central, Fianna Fail)

The Irish Blood Transfusion Service, IBTS, has given me a report on the incident. The IBTS entered into an agreement with the New York Blood Centre, NYBC, for the provision of a data query tool last October. The purpose of the data warehousing reporting tool is to improve the existing IBTS blood banking system computer, which is called Progresa. The issue the IBTS was trying to deal with was improving its own security and service, which is why it had set up the New York agreement. Under the terms of the agreement, the IBTS exported data on a CD from its Progresa system for the period 2 July 2007 to 11 October 2007. The data were encrypted using a 256-bit key encryption prior to export on the CD. The data contained details of 171,324 donor records, including name, address, date of birth, gender, blood group and contact telephone number. The CD holding the records was handed over to personnel of the NYBC in Ireland during the week beginning 3 December last and it is retained by the NYBC in a physically secure environment. No data stored on the encryption volume can be read or decrypted without using the correct password, key files or encryption keys.

The IBTS and the NYBC consider that the risk of any person being in a position to bypass the password controls and decrypt the data is extremely remote.

See this speech in context